<?php

session_start();

if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {

    header("Location: login.php");
}

//==========================================
//	ESCAPE DANGEROUS SQL CHARACTERS
//==========================================
function quote_smart($value, $handle) {

    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    if (!is_numeric($value)) {
        $value = "'" . mysql_real_escape_string($value, $handle) . "'";
    }
    return $value;
}

//
include 'i_init_client.php';
//
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
    $client_ID = $_GET['client_ID'];
print "client_ID=" . $client_ID . "<br>";
    $ID = htmlspecialchars($client_ID);

    //==========================================
    //	CONNECT TO THE LOCAL DATABASE
    //==========================================
    $user_name = "root";
    $pass_word = "haddons";
    $database = "PPI";
    $server = "127.0.0.1";

    $db_handle = mysql_connect($server, $user_name, $pass_word);
    $db_found = mysql_select_db($database, $db_handle);

    if ($db_found) {

        $SQL = "SELECT * FROM client WHERE ID = '$ID'";
        $result = mysql_query($SQL);
        $num_rows = mysql_num_rows($result);
        //====================================================
        //	CHECK TO SEE IF THE $result VARIABLE IS TRUE
        //====================================================
        if ($result) {
            include 'i_head.php';
            if ($num_rows > 0) {
                $db_field = mysql_fetch_assoc($result);
                /* foreach ($db_field as $key_name => $key_value) {
                  print $key_name . "=" . $key_value . "<BR>";
                  } */
                //$ID = $db_field['ID'];
                $title1 = $db_field['Title'];
                $fname1 = $db_field['FirstNames'];
                $lname1 = $db_field['Surname'];
                $telno1 = $db_field['TelNo'];
                $email1 = $db_field['Email'];
                $house = $db_field['House'];
                $street = $db_field['Street'];
                $town = $db_field['Town'];
                $county = $db_field['County'];
                $postcode = $db_field['Postcode'];
                $title2 = $db_field['OtherTitle'];
                $fname2 = $db_field['OtherFirstNames'];
                $lname2 = $db_field['OtherSurname'];
                $telno2 = $db_field['OtherTelno'];
                $email2 = $db_field['OtherEmail'];

                include 'i_ClientForm.php';
            } else {
                $message = "not found!";
                print $message;
            }
            include 'i_foot.html';
        }
    }
} else {
    include 'i_head.php';
    include 'i_ClientForm.php';
    include 'i_foot.html';
}
?>